olenko@feddit.nl to Technology@lemmy.worldEnglish · 2 年前UPDATE YOUR BROWSERS IMMEDIATELY. RCE VULNERABILITY DISCOVEREDnvd.nist.govexternal-linkmessage-square93fedilinkarrow-up1428file-textcross-posted to: security@lemmy.mltechnology@lemmy.world
arrow-up1428external-linkUPDATE YOUR BROWSERS IMMEDIATELY. RCE VULNERABILITY DISCOVEREDnvd.nist.govolenko@feddit.nl to Technology@lemmy.worldEnglish · 2 年前message-square93fedilinkfile-textcross-posted to: security@lemmy.mltechnology@lemmy.world
Any Chromium and Firefox browser prior to version 116 will be vulnerable to this, update your browsers.
minus-squaredwokimmortalus@lemmy.worldlinkfedilinkEnglisharrow-up4·2 年前It’s anything implementing .webp support. Though the CVE has been out for nearly two weeks already so most apps have been patched.
minus-squareMarius@lemmy.mariusdavid.frlinkfedilinkEnglisharrow-up1·2 年前Actually, it’s specific to libwebp, but many things that decode webp just use this library (for example, decoding webp with the “image” rust crates doesn’t use libwebp. It does use it for encoding thought).
It’s anything implementing .webp support. Though the CVE has been out for nearly two weeks already so most apps have been patched.
Actually, it’s specific to libwebp, but many things that decode webp just use this library (for example, decoding webp with the “image” rust crates doesn’t use libwebp. It does use it for encoding thought).